
Microsoft offers a handful of services on Azure to track both system and application performance, as well as to review events that are written to logging services.

There are two specific Azure logging options: Activity Log, which provides insights into changes that have taken place at the platform level, and Diagnostic Log, which provides visibility into the guest OSes that power VMs.

Here's a closer look at each Azure logging service to understand the key differences and when to use one versus the other.

Azure Activity Log

Activity Log is an Azure logging service dedicated to events that take place on the cloud platform. Each Azure subscription has a log stream that contains all events that make changes to the cloud resources you run. For example, in Activity Log, you can review which Azure resources were changed, when those changes occurred and who or what performed the change. This provides an audit trail and enables administrators to see detailed information about any resource modifications.

In addition to tracking resource changes, Activity Log provides information about Azure service health, such as availability issues and outages. You can query this information in a variety of ways, including through the Azure portal or with command-line tools, like PowerShell and the Azure command line. For more sophisticated processing, stream log data to Azure Event Hubs and feed it into a custom analytics system, such as Power BI. You can also export data from Activity Log to an Azure storage account for manual inspection and long-term retention. This is helpful when you need to store records of activity logs for compliance purposes.

It's possible to create alerts for Activity Log events. First, navigate to any resource group or individual resource in the Azure portal. Under the Monitoring section, you'll see an option for Alert Rules. Within Alert Rules, click Add activity log alert, as shown in Figure 1 below.

Figure 1. Add alerts for Activity Log events.

When you create an Activity Log alert, you can choose a specific event category, such as service health issues, administrative events or resource health. In the example in Figure 2 below, I've configured an alert for restarts of a particular VM. If anyone reboots that machine, an alert is sent via email based on the actions configured for the alert.

Figure 2. Choose an event category for Activity Log alerts.

Rather than send alerts via email, you can configure actions to send alerts via SMS text messages. You can also invoke a webhook, which enables you to make a call to a third-party HTTP API.
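As an added example (not code from the original article), the following Python sketch shows what the receiving end of such a webhook could do with the VM-restart alert described above: validate the body, keep only restarts of the watched VM and emit one who/what/when record per restart. It assumes the Activity Log alert payload shape identified by `schemaId` `Microsoft.Insights/activityLogs`; the VM name, callers, correlation IDs and timestamps are constructed sample values.

```python
import json

RESTART_OP = "microsoft.compute/virtualmachines/restart/action"
TERMINAL = {"succeeded", "failed"}
REQUIRED = ("caller", "operationName", "resourceId", "status",
            "eventTimestamp", "correlationId")

def parse_alert(body):
    """Return the alert's activityLog record, or None if the body is malformed."""
    try:
        doc = json.loads(body)
        if doc["schemaId"] != "Microsoft.Insights/activityLogs":
            return None
        log = doc["data"]["context"]["activityLog"]
        ok = all(isinstance(log[k], str) for k in REQUIRED)
    except (ValueError, KeyError, TypeError):
        return None
    return log if ok else None

def triage(bodies, watched_vm_id):
    """One who/what/when record per completed restart of the watched VM."""
    seen, findings = set(), []
    for log in filter(None, map(parse_alert, bodies)):
        # Azure resource IDs are case-insensitive, so compare in lower case.
        if (log["operationName"].lower() != RESTART_OP
                or log["resourceId"].lower() != watched_vm_id.lower()):
            continue
        # One restart yields several records sharing a correlationId: keep one.
        if log["status"].lower() not in TERMINAL or log["correlationId"] in seen:
            continue
        seen.add(log["correlationId"])
        findings.append({"who": log["caller"], "where": log["resourceId"],
                         "when": log["eventTimestamp"], "result": log["status"]})
    return findings

def sample(op, vm, status, corr, caller="admin@example.com"):
    """Build a constructed payload (illustrative values, not real log data)."""
    log = {"caller": caller, "operationName": op, "resourceId": vm, "status": status,
           "eventTimestamp": "2018-01-01T10:00:00Z", "correlationId": corr}
    return json.dumps({"schemaId": "Microsoft.Insights/activityLogs",
                       "data": {"context": {"activityLog": log}}})

VM = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
      "demo-rg/providers/Microsoft.Compute/virtualMachines/demo-vm")
OP = "Microsoft.Compute/virtualMachines/restart/action"
SAMPLES = [sample(OP, VM, "Started", "c1"), sample(OP, VM, "Succeeded", "c1"),
           sample(OP, VM.upper(), "Succeeded", "c1"), "not json",
           sample(OP, VM + "-other", "Succeeded", "c2"),
           sample(OP, VM, "Failed", "c4", caller="ops@example.com")]
```

Calling `triage(SAMPLES, VM)` returns two records: the restart that succeeded and the one that failed, each with its caller and timestamp.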

Azure Diagnostic Logs

In addition to keeping an eye on platform-level events, you can retrieve log data from guest OSes in Azure. For example, as part of the Azure Monitoring service, you can enable guest-level monitoring of VMs. This installs a VM extension that runs as an agent inside the VM. You can then monitor guest-level performance metrics, such as CPU or memory utilization, as well as the logs on those VMs.

The diagnostics extension is available for both Windows- and Linux-based VMs.

Again, there are a number of ways to use this Azure logging service. As with Activity Log, you can export data from Diagnostic Logs to an Azure storage account or stream it to Azure Event Hubs for custom processing.

Another option is to send Diagnostic Logs data to Operations Management Suite Log Analytics. This is a cloud-based service from Microsoft that enables teams to monitor both cloud and on-premises environments. It collects data generated by a variety of sources and provides analytics tools for those resources.

To enable diagnostic Azure logging for VMs, navigate to the Monitoring section, and click Diagnostic settings. You'll see an option like the one in Figure 3 below to enable guest-level monitoring.

Figure 3. Enable guest-level monitoring.

Once the extension is installed, click on the Logs tab, and enable the log sources from which you want to retrieve data. You can also install the diagnostics extension from command-line tools.
